A cyber attack resulted in a $230M loss for WazirX, a significant Indian crypto exchange, which affected nearly half of its reserves.
WazirX, a prominent Indian cryptocurrency exchange, recently published a contentious proposal to allocate a $230 million loss among its users in the aftermath of a significant security compromise.
The Mumbai-based organization stopped trading last week. India’s largest crypto theft to date was the result of a cyber attack that compromised nearly half of its reserves.
Cyvers, a blockchain security firm, identified anomalous activity on the Ethereum network on July 18 that originated from WazirX’s Safe Multisig wallet. Cyvers expressed apprehension that the wallet may have been compromised by a malicious entity.
The suspected address participated in numerous cryptocurrency exchanges subsequent to the breach. In answer, WazirX shut down its website, called the cops, and told the Financial Intelligence Unit (FIU) and CERT-In what was going on.
WazirX intends to resolve the aftermath by resuming operations within a week and implementing a “fair and transparent socialized loss strategy.” This method will entail the rebalancing of consumer portfolios. The exchange will retain only 55% of their holdings and invest the remaining 45% in USDT-equivalent tokens. This impacts all users, regardless of whether their assets were primary targets of theft.
WazirX provides two recovery alternatives. Option A enables users to trade and retain assets, thereby prioritizing them in recovery efforts, while simultaneously limiting withdrawals. Option B allows for trading and withdrawals, but users are of lower priority for recovery. Before conducting any transactions or withdrawals, users have the ability to alternate between these alternatives.
Nishal Shetty, the proprietor of the exchange, addressed the community, announcing that the firm did not provide customer funds insurance due to the absence of viable alternatives. He cautioned that complete restoration of losses may not be possible and that recuperation could require years.
Critics, such as Nikhil Pahwa, a policy expert, contend that WazirX’s actions surpass the typical responsibilities of an exchange, essentially redistributing assets among users. Additionally, customers have inquired as to why the organization is not employing its profit reserves to mitigate losses.
Earlier, BeInCrypto reported that WazirX implemented a bounty program three days following the incident. The program provides the intruder with $23 million in exchange for the return of the stolen funds. Furthermore, the exchange is providing up to $10,000 in USDT to any individual who can provide actionable intelligence that results in the blocking of the misappropriated assets.
WazirX had initially proposed a 5% reward, which amounted to $11.5 million. The potential involvement of North Korea’s Lazarus group led on-chain investigator ZachXBT to recommend an increase in the bounty.
“[A] $10 million bounty is negligible if the Lazarus Group is indeed responsible, as they are not likely to surrender the funds or be located and held legally culpable.” He asserted that 5% is less than the industry standard of 10% or higher.
Also Read: FTX Exec Requests Medical Treatment Delay in Prison
Wallets